Lucene search
J23 -- http://twitter.com/HansJ23ZDI-11-243HistoryJul 27, 2011 - 12:00 a.m.
WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
2011-07-2700:00:00
J23 -- http://twitter.com/HansJ23
www.zerodayinitiative.com
19
EPSS
0.201
Percentile
96.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit as utilized by either Apple Safari, or Googleโs Chrome browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the library handles implicitly defined styles. When processing a specific case for a style, the application will dispatch an event. During this dispatch, code can be executed that can be used to manipulate the DOM tree causing a type-switch. This type-switch can lead to code execution under the context of the application.
References
Related
cvelist
cvelist
CVE-2011-0232
2011-07-21 23:00:00
ubuntucve
ubuntucve
CVE-2011-0232
2011-07-21 00:00:00
prion
prion
Memory corruption
2011-07-21 23:55:00
securityvulns
securityvulns
ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability
2011-08-01 00:00:00
WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
2011-08-01 00:00:00
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
2011-07-22 00:00:00
nvd
nvd
CVE-2011-0232
2011-07-21 23:55:02
cve
cve
CVE-2011-0232
2011-07-21 23:55:02
seebug
seebug
Apple Safari 5.1ๅ5.0.6ไนๅ็ๆฌๅคไธชๅฎๅ
จๆผๆด
2011-07-22 00:00:00
Apple iTunesๅคไธชๅฎๅ
จๆผๆด
2011-10-13 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Jul 2011)
2011-07-27 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011
2011-07-27 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011 (Mac OS X)
2011-08-12 00:00:00
nessus
nessus
Apple iOS < 5.0 Multiple Vulnerabilities (BEAST)
2012-06-19 00:00:00
Safari < 5.1 Multiple Vulnerabilities
2011-07-21 00:00:00
Mac OS X : Apple Safari < 5.1 / 5.0.6
2011-07-21 00:00:00